How to Block a Big List of IP Addresses with ipset and iptables

Sometimes you need to block a number of IP addresses. That is manageable when you have 10 addresses to reject. But what if you have 2000? Here is a solution that lets you block any number of addresses.

I’m going to use ipset. My example machine runs CentOS, so I will use yum; on other systems, use the appropriate package manager. First of all, let’s install it.

yum install ipset

Then we will need to create the list of IP addresses we want to block. This list should consist of IP addresses only, one per line. Let’s create a list first: